Picus provides automated pentesting alongside attack path mapping to identify and validate critical cybersecurity risks.

SAN FRANCISCO, Dec. 10, 2024 /PRNewswire/ -- Picus Security, the security validation company, today announced new innovations to its Attack Path Validation (APV) product. The new Picus APV now offers security teams accurate, risk-free, and continuous automated penetration testing to uncover critical risks, while significantly reducing business disruptions and time spent on threat research. Combined with its Breach and Attack Simulation technology, Picus provides a comprehensive approach to Adversarial Exposure Validation for enterprise organizations.

By pairing evasive automated penetration testing alongside attack path-mapping capabilities, Picus allows users to easily find and map critical exposures that could be used by attackers. Legacy pentesting products often produce too many alerts or false positives and can take multiple days to complete, causing intermittent usage. Picus APV mimics the evasiveness of real-world attackers, including techniques such as lateral movement, data exfiltration, and encrypting files on the target network often associated with ransomware attacks. This ensures that testing remains stealthy, avoiding premature detection and ultimately providing a far more accurate representation of genuine threat scenarios.

Designed to ensure safe testing, Picus APV prevents harmful exploits from running in production which minimizes risks like system crashes and network outages. To help security operations teams save precious time and effort, Picus APV can run continuously on autopilot or on a set schedule, even while allowing multiple assessments to run in parallel. Continuous testing improves the visibility of critical vulnerabilities between point-in-time tests.

"Picus APV has been instrumental in elevating our proactive defense capabilities, particularly through its automated pentesting features. Its capabilities allow us to identify gaps swiftly and enhance our cybersecurity posture in real-time," says Andrea Licciardi, Senior Cybersecurity Manager, MAIRE Group, "Additionally, the platform's ability to adapt to specific client requirements has been a determining factor in meeting our unique security needs. We've seen a significant improvement in our overall threat readiness, making Picus APV a key component of our cyber resilience strategy."

According to Gartner, "A good validation process needs to overcome a few challenges. It requires a mix of technical assessments — such as penetration testing, breach and attack simulation, and attack path mapping."*

"We are the only vendor offering a comprehensive Exposure Validation solution," said Volkan Ertürk, Picus co-founder and CTO. "We are bullish about the future of this exciting new cybersecurity market and our position within it. Our expertise in threat simulation and attack paths has enabled us to develop a stealthier automated pentesting product that closely mirrors real-world threats, giving our customers a significant advantage.

The Picus Adversarial Exposure Validation solution brings together Automated Penetration Testing, Attack Path Mapping, and Breach and Attack Simulation (BAS) capabilities in a single open platform.

Availability:

The new Picus APV is available in January 2025.

Additional Information:

• Start the Picus APV Free Trial
• Register for our upcoming webinar: Rethinking Automated Penetration Testing: Be Stealthy and Risk-Free, Wednesday, January 23, 2025 at 10:00 a.m. ET.
• Read the Blog Dual Approach to Validation: Broad and Targeted Automated Penetration Testing

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationality and is used herein with permission. All rights reserved.

*How to Grow Vulnerability Management Into Exposure Management, By Mitchell Scheider, Jeremy D'Hoinne, Jonathan Nunez, Craig Lawson, 8 November 2024

About Picus

Picus Security, the leading security validation company, gives organizations a clear picture of their cyber risk based on business context. Picus transforms security practices by correlating, prioritizing, and validating exposures across siloed findings so teams can focus on critical gaps and high-impact fixes. With Picus, security teams can quickly take action with one-click mitigations to stop more threats with less effort.

The pioneer of Breach and Attack Simulation, Picus delivers award-winning threat-centric technology that allows teams to pinpoint fixes worth pursuing, offering a 95% recommendation in Gartner Peer Insights Customers' Choice for 2024 in the BAS tools category.*

Logo -

SOURCE Picus Security